platform/docs
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
docs/COST_PLAN.md
T
sharang 6db9c7645e
ci / shared (push) Failing after 7s
Details
chore: bootstrap repo scaffolding (M0.1) 
Bootstraps §1.2 scaffolding (README, CONTRIBUTING, CODEOWNERS, CHANGELOG, PR + issue templates, LICENSE, CI workflow, release workflow, commitlint, cliff, .editorconfig, .gitignore, .env.example) and ships a proprietary all-rights-reserved LICENSE naming both founders.

Refs: M0.1
2026-05-18 19:15:30 +00:00

259 lines
16 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Cost Plan — SysEleven Infrastructure
Companion to `INFRASTRUCTURE.md` and `IMPLEMENTATION_PLAN.md`. Pricing source: `SysEleven-Cloud-Services-Preisinformationen_01_26_v2.pdf` (effective 2026-01-20). All prices net EUR, exclusive of 19% VAT. Region: DUS2 + HAM1.
---
## 1. TL;DR
**Locked topology (2026-05-18):** 4 billable VMs — 1 stage + 3 prod — totalling **48 GiB-RAM**. See `INFRASTRUCTURE.md §1`.
All four pricing modes, side by side, at the locked sizing:
| Mode | Compute €/mo | Storage €/mo | Network €/mo | **Total net €/mo** | + 19% VAT | **Annual gross €** |
|---|---:|---:|---:|---:|---:|---:|
| **On-Demand** | 434.50 | 112 | 2.92 | **549.42** | 653.81 | **7,846** |
| **12-month commit** | 295.20 | 112 | 2.92 | **410.12** | 488.04 | **5,856** |
| **36-month no upfront** | 216.00 | 112 | 2.92 | **330.92** | 393.79 | **4,725** |
| **36-month upfront** | 192.00 | 112 | 2.92 | **306.92** | 365.23 | **4,383** |
**36M upfront one-time payment**: €6,912 net at signing (compute only; storage + network still billed monthly).
**Recommended cash plan for Year 1:**
1. Months 13: burn On-Demand (~€549/mo) while flavors get proven against real workload
2. Month 4 onward: sign 36M-upfront commit at proven size (~€307/mo)
3. Year-1 total infra: **€4,410 net / €5,248 gross** + one-time €6,912 upfront in Month 4
Growth tiers extend that same baseline (next 4 sections drill in).
---
## 2. What to use / what to skip
### Use from day one
| Service | Why | Cost |
|---|---|---|
| **OpenStack IaaS (m2 GP)** | Bread and butter. General-purpose 1:4 vCPU:RAM fits everything. | per VM, see §3 |
| **Block Storage (Ceph)** | 3x replicated, persistent. €0.10/GiB/mo. | per GiB |
| **Object Storage (S3)** | Backups, audit logs, demo seed bundles, export ZIPs. €0.02/GiB/mo. | per GiB |
| **Floating IP** | Public IPs for vm-edge (1) and stage (1). | €2.92/IP/mo |
| **VPN as a Service** | Inclusive. Use for ops access from our laptops. | €0 |
| **Self-Service Support** | Free. Adequate while we're shaking out the platform. | €0 |
### Defer until clearly needed
| Service | When to add | Cost |
|---|---|---|
| **DNS Zones (DNSaaS)** | Never — we self-host PowerDNS on vm-edge per [[self-hosted-oss-first]] | €10/zone — skipped |
| **Load Balancer (Octavia)** | When we add a second vm-edge for HA (Tier D). Until then orca-proxy + Floating IP is enough. | €14.6057.67/mo |
| **Business Support** | When MRR > €5k. Below that, Self-Service docs cover us. | €185/mo |
| **Priority Support** | Only if we sign an Enterprise contract that requires <1h response. | €545/mo |
| **DDoS Guard PLUS** | After first attack OR before launching anything customer-promoted. | €875/mo |
| **DBaaS PostgreSQL Cluster** | When tenant_registry Postgres becomes the bottleneck (200+ customers, see RISK-1 in INFRASTRUCTURE.md). | €213426/mo per cluster (m2.smallmedium, 36M upfront) |
| **MetaKube Core (managed K8s)** | We use Orca (the user's own product). MetaKube would compete with Orca, not complement it. Skip unless Orca is replaced. | €0 by design |
| **Managed VM (Business/Priority)** | Defeats Orca. We are the ones who manage VMs. | skipped — saves €1k+/mo |
| **Operational Support Platform** | €759–€1,479/mo. Massive overkill until late stage. | skipped |
### GPU instances (separate concern)
LiteLLM today is a passthrough. If we ever self-host an inference model:
- **L40S (24 GB GPU RAM)**: €1,309/mo On-Demand, €1,086 (12M), €877 (24M)
- **H100 NVL (94 GB)**: €5,755/mo On-Demand, €4,637 (12M), €3,743 (24M)
For now: route LLM calls through LiteLLM → external provider. Add GPU only if a customer pays for dedicated inference.
---
## 3. Per-VM sizing — Locked topology (Tier A, 5 customers)
Flavor mapping from `INFRASTRUCTURE.md §1` to SysEleven `m2` General Purpose (1 vCPU : 4 GiB RAM, 50 GiB ephemeral root included).
### Compute — all four pricing modes side by side
| VM | Env | Flavor | vCPU | RAM | On-Demand | 12M | 36M no-upfront | 36M upfront |
|---|---|---|---:|---:|---:|---:|---:|---:|
| stage | stage | m2.small | 2 | 8 GB | 72.42 | 49.20 | 36.00 | 32.00 |
| vm-edge | prod | m2.small | 2 | 8 GB | 72.42 | 49.20 | 36.00 | 32.00 |
| vm-control | prod | m2.medium | 4 | 16 GB | 144.83 | 98.40 | 72.00 | 64.00 |
| vm-data | prod | m2.medium | 4 | 16 GB | 144.83 | 98.40 | 72.00 | 64.00 |
| **TOTAL** | | | **12** | **48 GB** | **434.50** | **295.20** | **216.00** | **192.00** |
**36M upfront one-time cost:** 192 × 36 = **€6,912 net** at signing (compute only; everything else billed monthly).
**Reference per-GiB-RAM rates** (the linear model behind all numbers above):
| Mode | €/GiB-RAM/mo |
|---|---:|
| On-Demand | 9.05 |
| 12M commit | 6.15 |
| 36M no-upfront | 4.50 |
| 36M upfront | 4.00 |
Any future sizing change can be sanity-checked as `RAM × rate`.
### Storage — Tier A steady state
| Item | GiB | €/GiB/mo | €/mo |
|---|---:|---:|---:|
| stage block (ephemeral PG + Mongo + Qdrant in-VM) | +50 | 0.10 | 5.00 |
| vm-edge block (pg-keycloak + pg-infisical + Gitea repos) | +50 | 0.10 | 5.00 |
| vm-control block (MariaDB + Stalwart spool) | +250 | 0.10 | 25.00 |
| vm-data block (MongoDB + pg-app + Qdrant + MinIO) | +500 | 0.10 | 50.00 |
| Object storage — geo-redundant backups (DUS2↔HAM1) | ~500 | 0.0496 | 25.00 *(€12.50 first 6mo via launch discount)* |
| Object storage — seed bundles + exports + audit archive | ~100 | 0.02 | 2.00 |
| **Storage subtotal (steady state)** | | | **112.00** |
| **Storage subtotal (first 6 months)** | | | **99.50** |
### Network
| Item | €/mo |
|---|---:|
| 1 Floating IP (vm-edge — only public host in prod) | 2.92 |
| 1 Floating IP (stage — public for tester access) | 2.92 |
| PowerDNS (self-hosted on vm-edge) | 0 |
| Octavia Load Balancer (deferred to Tier D HA phase) | 0 |
| **Network subtotal** | **5.84** |
> Storage table above uses 1 Floating IP. Adjust to **€5.84** if running stage with its own public IP (recommended). One-line delta of €2.92/mo.
### Combined Tier A — four-mode summary
| Mode | Compute | Storage | Network | **Total net €/mo** | + 19% VAT | **Annual gross €** |
|---|---:|---:|---:|---:|---:|---:|
| On-Demand | 434.50 | 112 | 5.84 | **552.34** | 657.28 | **7,887** |
| 12M commit | 295.20 | 112 | 5.84 | **413.04** | 491.52 | **5,898** |
| 36M no-upfront | 216.00 | 112 | 5.84 | **333.84** | 397.27 | **4,767** |
| 36M upfront | 192.00 | 112 | 5.84 | **309.84** | 368.71 | **4,425** |
### Recommended cash plan — Year 1 (use this line in the pitch)
| Months | Mode | €/mo (net) | Subtotal € |
|---|---|---:|---:|
| 13 (rightsizing window) | On-Demand | 552.34 | 1,657 |
| 412 (proven baseline) | 36M upfront | 309.84 | 2,789 |
| **Year-1 infra net** | | | **4,446** |
| + 19% VAT | | | **5,291** |
| + one-time 36M upfront in Month 4 | (compute)| | **6,912** |
| **Year-1 cash out (gross)** | | | **12,203** |
### 3-year cumulative (full 36M commitment term)
| Item | € |
|---|---:|
| Months 13 On-Demand (compute+storage+net) | 1,657 |
| Compute 36M upfront (paid Month 4) | 6,912 |
| Storage + network, 36 months × ~118 €/mo | 4,248 |
| **3-year infra net** | **12,817** |
| + 19% VAT | **15,252** |
---
## 4. Growth tiers — what scales when
### Tier A — Pilot (5 customers, first 6 months)
- **Locked topology**: 4 VMs (stage + vm-edge + vm-control + vm-data). See INFRASTRUCTURE.md §1.
- **Year 1 cash plan**: 3 months On-Demand → 36M upfront. ~€310/mo committed compute+storage+net + one-time €6,912.
- **Add**: Self-Service support (free). Skip LB, DNSaaS, DDoS, DBaaS, MetaKube, Managed Services.
### Tier B — Early growth (50200 customers, Year 1)
- **Vertical scale only.** Bump vm-data m2.medium → m2.large (+€64/mo for 36M upfront).
- **Add cold-standby vm-edge-spare** (€0 idle, only billed during a swap event).
- **Add Business Support** (€185/mo) once MRR > €5k.
- **Add LB Single Instance** (€14.60/mo) when we want zero-downtime portal deploys.
- **Add DDoS Guard PLUS** (€875/mo) before any marketing push.
- Estimated total: **~€1,1001,400/mo + VAT**.
### Tier C — Scale (5001000 customers, Year 12)
- **Split vm-data** into vm-data + vm-data-db (move pg-app to its own VM; resolves RISK-1).
- Alternative: move pg-registry to DBaaS m2.small cluster (3 inst, 36M upfront): **€213/mo**
- **Split vm-control** into vm-control + vm-ops (ERPNext + MariaDB + Stalwart go to vm-ops): **+€64/mo**
- **HA edge**: second vm-edge, switch Floating IP → Load Balancer Double Instance (**€58/mo**).
- **Object storage growth:** audit logs, exports, demo backups → estimated 2 TB = **€40/mo**.
- Estimated total: **~€2,0002,500/mo + VAT**.
### Tier D — Full scale (2000 customers, Year 23)
- **3-node clusters** on hot paths: vm-control × 2, vm-data × 2.
- **Split vm-edge** into vm-edge + vm-identity + vm-secrets (back toward original 7-VM design).
- **DBaaS m2.medium cluster** (4V/16GB, 36M upfront): **€426/mo** for tenant_registry.
- **Keycloak HA cluster**: 2 vm-identity (m2.medium) + Postgres replica.
- **Priority Support** (€545/mo) becomes worth it.
- **Object storage:** ~5 TB = **€100/mo**.
- **DDoS Guard PREMIUM** (€2,200/mo) if traffic warrants — likely stays on PLUS.
- Estimated total: **€4,5006,000/mo + VAT**.
### Compute scaling cheat sheet (vs locked topology)
| Tier | Customers | Topology delta from Tier A | Compute €/mo (36M upfront) |
|---|---:|---|---:|
| **A** | 5 | locked baseline: stage + 3 prod VMs (48 GiB) | **192** |
| **B** | 200 | + vm-data bumped m2.med → m2.large (+16 GiB) | **256** |
| **C** | 1000 | + split vm-data (+16 GiB), split vm-control (+16 GiB) | **384** |
| **D** | 2000 | + split vm-edge (3 → 3 VMs), HA clusters (~+90 GiB) | **~640** |
The **€4/GiB-RAM/mo rate** (GP, 36M upfront) is the linear model — everything else (storage, network, support, DBaaS, DDoS) scales sub-linearly with customer count. Compute is never the bottleneck on the bill.
---
## 5. Cost per customer
| Tier | Customers | Monthly infra net (€) | Per customer/month (€) |
|---|---:|---:|---:|
| A | 5 | 310 | **62.00** |
| B | 200 | 1,200 | **6.00** |
| C | 1000 | 2,300 | **2.30** |
| D | 2000 | 5,000 | **2.50** |
At Tier A the per-customer cost is irrelevant — fixed costs dominate. From Tier B onward our gross margin on a Professional plan (assume €99/customer/month) is **~94%** infrastructure-only. Add LLM passthrough (LiteLLM) + Polar.sh fees (~5%) + on-call time, and we are still well above the 80% gross margin floor SaaS investors look for.
**Break-even: ~4 paying customers at €99/mo covers Tier A infra (€310/mo net).**
---
## 6. SysEleven services we explicitly skip and why
| Service | Why skip |
|---|---|
| DNSaaS (€10/zone) | We self-host PowerDNS on vm-gateway. €0 marginal cost since vm-gateway exists anyway. |
| MetaKube Core | Orca already orchestrates our containers. MetaKube would mean abandoning Orca, which the user owns. |
| MetaKube Accelerator | Same — competes with Orca. |
| MetaKube Operator add-ons (ExternalDNS, Cert-Manager, Tideways, Velero etc. at €78171/mo each) | We pick and roll our own per [[self-hosted-oss-first]]. |
| Managed VM (Business €128142/mo per VM, Priority €164182) | Defeats Orca. We are the operators. Saves €1k+/mo at 7 VMs. |
| Operational Support Platform (€7591,479/mo) | Massively over-specified for our scale. Buy individual Engineering Support days (€1,264/day) on demand if a real incident requires it. |
| DDoS Guard PREMIUM (€2,200) / ENTERPRISE (€4,800) | PLUS at €875/mo is enough for ≤500-customer scale. Upgrade if we see actual 1+ Tbps attacks. |
| Block Storage for Databases (€0.09 vs €0.10) | The €0.01/GiB difference saves ~€5/mo at our scale. Use it only on DBaaS cluster volumes (where SysEleven enforces it anyway). |
---
## 7. Negotiation levers
SysEleven publishes list prices but is open to commercial negotiation, especially as a German Mittelstand provider courting startups. Things worth asking for:
1. **Startup credits.** Hetzner, OVH, and most EU clouds run startup-credit programs. Ask SysEleven for the equivalent before signing the 36M commit. Even €510k of credits = 612 months of Tier A infra free.
2. **EXIST / HTGF discount.** If we close the €1.5M raise (`project_breakpilot_fundraising`), SysEleven sometimes offers "Gründerförderung" pricing for HTGF-backed companies.
3. **Single-region discount.** We don't need DUS2 + HAM1 geo-redundancy at Tier A. Ask if single-region (DUS2 only) is cheaper.
4. **Object storage commitment.** 6-month 50%-off on geo-redundant storage applies anyway, but bulk commitments on regular S3 may unlock further pricing.
5. **Bundled support.** If we commit to 36M IaaS + Business Support, ask for support fee waiver in year 1.
6. **Move-in incentive.** Negotiate a setup/migration credit covering first 3 months of On-Demand burn.
---
## 8. Open questions / things to validate
- **Port 25 outbound from vm-ops.** Confirmed with SysEleven that outbound SMTP is allowed by default; if not, fall-back is to relay through Postal/Postmark for transactional only.
- **Region choice.** DUS2 vs HAM1 — DUS2 is the only region for L40S GPUs, HAM1 has A30. If we never self-host inference, region is purely a latency choice (DUS2 closer to most EU customers).
- **Geo-redundant Ceph backups.** Currently planning local block + S3 backup. Could also use SysEleven's geo-redundant S3 (DUS2 ↔ HAM1) for true DR. Cost: €0.05/GiB/mo vs €0.02 single-region. At 500GB backup that's €15/mo extra — buy it.
- **Egress traffic.** Fair Use policy — they reserve the right to bill if we exceed normal patterns. CERTifAI LLM passthrough could be heavy. Ask for clarification on what triggers metered billing.
- **VPN-as-a-Service inclusive.** Confirmed in the pricing doc. Use it for ops access — replaces our need to build IP-allowlists into Orca-Proxy for `erp.` and `git.`.
---
## 9. Recommendation summary
1. **Sign On-Demand for first 90 days.** Burn ~€1,365/mo while you find the right flavor for each VM.
2. **At Day 90, commit 36M upfront on proven baselines.** Cuts monthly to ~€700.
3. **Keep all 7 VMs separate.** The €100/mo difference vs. consolidation is not worth losing failure isolation.
4. **Skip every Managed Service.** We have Orca.
5. **Add Business Support at €5k MRR, DDoS PLUS before any public marketing push.**
6. **Negotiate startup credits before signing.** Could be worth months of free infra.
---
*End of document. Pricing snapshot 2026-01-20; re-check before signing commitments.*
Reference in New Issue View Git Blame Copy Permalink